Apache Spot Aims to Fetch Open Network Insights

By Sean Michael Kerner  |  Posted 2016-09-28 Print this article Print

The project formerly known as Open Network Insights moves to the Apache Software Foundation and gets a new name—Apache Spot. It now includes support for DNS and Proxy in addition to NetFlow.

The Open Network Insight (ONI) project, backed by Cloudera, Intel and others and focused on helping organizations use big data for security insights, became generally available earlier this year. The ONI project is now being donated to the Apache Software Foundation (ASF)—home to Hadoop and many big data efforts—and is now getting a new life as the Apache Spot project.

"ONI is being donated to the Apache Software Foundation, which means it, in effect, becomes a new project," Sam Heywood, director of cyber-security strategy at Cloudera, told eWEEK.

ONI is not being renamed, but rather, a new name was chosen for the Apache project, Heywood explained.  He added that Apache projects are typically somewhat whimsical and that projects in the Hadoop ecosystem many times have animal names.

"So keeping with that, Spot is a dog’s name, and you'll notice it's the logo, but 'spot' is also a verb: as in to spot trouble," Heywood said.

The original ONI project used multiple open-source technologies, including the Hadoop big data platform, the Wireshark packet-sniffing platform, nfdump for NetFlow packet capture and the Jupyter project for reporting. Over the last several months, the overall project has expanded with additional capabilities, which are now part of Apache Spot.

"Apache Spot includes support for DNS and Proxy in addition to NetfLow," Heywood said. "Also, Spot is introducing open data models for Network, Endpoint and User, whereas before, only Network was covered."

A primary use-case for Apache Spot is to help organizations reduce the mean time to incident detection and resolution (MTTR), a key metric for measuring security efficacy. In a Cloudera engineering blog post, the company explained that Spot can help improve MTTR by providing a central storage capability that houses all the data needed to facilitate and help conduct an investigation.

As to why ONI is moving to Apache, it's all about building community, Heywood said, adding that Cloudera believes that a community approach is required to fight cyber-crime.

"Apache provides all of the tools, governance and agreed processes for building large communities," Heywood said. "By moving ONI to Apache as Spot, we believe it will accelerate community growth."

While the Apache Spot project is an open-source effort, there are already commercially supported products that are based on the platform. Heywood explained that the Accenture Cyber Intelligence Platform and Cloudwick Open Source Adaptive Security platform are based on Apache Spot.

"We believe Spot will help facilitate a rich ecosystem of open-source and ISV solutions," he said.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel